176 to 200 of 854 ISO/IEC 27001 Jobs in the UK

locations around the world. Act as a core member of the Incident Response Team, triaging, responding to and reporting incidents and providing cyber security metrics. Evaluating and determining if / when information security violations have occurred through examination of network or device logs, open-source research, vulnerability and configuration scan data, and user provided reports. Demonstrate a strong understanding … years). 2-4 years in a cybersecurity or SOC environment. Strong understanding of OSI model, incident response, and threat analysis. Proficient in SIEM tools (e.g., Splunk), IAM, server / network security, and vulnerability management. Familiarity with ISO 27001, NIST CSF, and general security frameworks. Effective communicator across all organizational levels; strong multitasking and organization More ❯

technical guidance to the team while staying updated on emerging technologies. Key Responsibilities : Architect, lead, and optimize the organizations infrastructure, network, and database ecosystems. Manage large-scale database and / or data repositories ensuring high availability, scalability, and security to support Warehouse Management platform product and solution deliveries to include platforms executing the automation deliverables. Oversee on-prem and … cloud-native infrastructure strategies, ensuring resilience and disaster recovery. Implement advanced database / data repository replication, sharding, partitioning, and performance tuning. Develop automation strategies for infrastructure provisioning and configuration management to support both internal platforms used for product development and external platforms used for project and customer service lifecycle management. Establish security policies and procedures for infrastructure and databases … security). Lead incident response, root cause analysis, and forensic investigation for infrastructure-related outages for both internal and external environment areas. Drive cloud migration and modernization efforts (hybrid / multi-cloud strategies). Collaborate with stakeholders and leadership to define and manage the infrastructure roadmaps and strategies aligning with the DevOps / Product Development teams for delivery More ❯

grow. This is a cross-functional, hands-on role with a strong strategic lens -you'll own our information security posture end-to-end, ensuring we maintain our ISO 27001 accreditation, while preparing for other relevant accreditations (such as SOC2 and Cyber Essentials). You'll proactively manage risks and help create a secure environment where … ll Do Information Security Leadership Own and evolve our ISMS (Information Security Management System), ensuring it remains fit for purpose as we scale. Maintain and advance compliance across ISO 27001, SOC2, Cyber Essentials, GDPR, and any emerging frameworks (e.g. PCI DSS, AI governance), ensuring we are audit-ready. Identify, assess, and mitigate security risks across infrastructure … handling. Secure Tooling and IT Ops Oversight Guide secure configuration and ongoing management of tools like Kandji, Twingate, and 1Password. Oversee secure onboarding and offboarding workflows from a systems / access perspective, reducing risk during personnel changes. Partner with internal stakeholders to manage vendor selection and SaaS procurement, balancing usability, security and cost. Proactively monitor access controls, audit trails More ❯

Research Environment (TRE) at the University of Glasgow, and in partnership with NHS Greater Glasgow and Clyde. The postholder will ensure the TRE is aligned with governance and AI / ML workflows, to achieve key milestones across academic, clinical, and industry-facing projects. The role requires a high level of cross-sector coordination, stakeholder engagement, financial oversight, and support … and commitment for a research-driven, AI / ML-enabled infrastructure with national relevance. Main Duties and Responsibilities 1. To lead on the planning, coordination, and execution of all phases of TRE implementation, ensuring on-time and on-budget delivery of infrastructure setup, AI workflow deployment, and governance milestones. 2. Facilitate alignment and collaboration between NHS Safe Haven, MVLS … IT, and Services teams to manage the transition from existing TRE provider (Robertson Centre for Biostatistics) to long-term operational sustainability. 3. Support the delivery of key demonstrator AI / ML projects (digital pathology, imaging, NLP) that will shape the TRE's foundational workflows for integration into national health research infrastructure. 4. To play a key role to ensure More ❯

Job Description: Customer IT Assurance Manager Location: Flexible – Staines (TW18 3DZ), London (EC2R 7HJ) or Leeds (LS5 3BF) Flexible / Hybrid working. Permanent £70,000 - £80,000 (Neg depending on experience & location) Role specific benefits: 10% Bonus (Company & Performance related) Full time – 37.5 hours per week We make health happen At Bupa, we’re passionate about technology. With colleagues … and align to Bupa’s services. Oversee the delivery of TEA function including delivery of metrics and reporting; execution of quality assurance to Bupa standards; and effective work planning / allocation / prioritisation. Develop and maintain customer-based content to improve the ongoing operation and delivery of customer IT due diligence, including internal knowledge base, whitepapers and product … by the Head of External Assurance. Own the execution of other activities as directed by Head of External Assurance, including ad-hoc projects and Supplier assurance activities. Key Skills / Qualifications needed for this role: Senior professional experience with direct management responsibilities in either a Big 8 external practice, Internal Audit, or supplier / customer assurance function for More ❯

deployment strategies , ensuring security and performance Work with Terraform, Deployment Manager, and CloudFormation for IaC-based deployments Security and Compliance: Implement cloud security measures and ensure compliance with ISO 27001, PCI DSS, GDPR, and other industry standards Define cloud architecture standards and best practices for a secure cloud environment Performance Optimisation: Monitor and optimise cloud resources … Experience 7+ years of experience in designing, implementing, and managing cloud-based solutions across multiple cloud platforms Primary Expertise: Deep hands-on experience in Google Cloud (GCP) Basic knowledge / willing to learn AWS Proven experience in designing and implementing cloud architectures and solutions Experience with Apache Kafka , including setup, configuration, monitoring, and troubleshooting Proficiency in Kubernetes (GKE) , including … with container orchestration, Helm charts, and Kubernetes operators Hands-on experience with DevOps tools (e.g., GitLab, Jenkins, ArgoCD ) and Infrastructure-as-Code (IaC) (e.g., Terraform, Ansible ) Experience with CI / CD pipelines (Jenkins, GitLab CI, ArgoCD) and source control management (Git) Strong scripting skills (e.g., Bash, Shell, PowerShell, Python ) Experience in automating infrastructure deployment using IaC tools such as More ❯

sessions. Regularly evaluate the effectiveness of training programs through metrics, surveys, and simulated cyber-attacks (e.g., phishing simulations) to track progress and identify areas for improvement. Identify high-risk / high-value individuals and groups that require specialised cyber security training (e.g. the Board, IT Admins, HR). Develop and deliver custom training to address the groups specific business … to senior management, highlighting key trends and any actions required. Ensure that the training and awareness framework is aligned with relevant frameworks, standards and regulations (e.g., NIS2, GDPR, ISO 27001, NIST, etc.). Leverage tools and technologies to enhance delivery and management of the cyber security training and awareness programme. The Person (Essentials) A Bachelor's … stakeholder management skills. Experience with risk assessment tools and methodologies. Ability to work independently and manage multiple priorities You'll have the right to work in Ireland (EU Citizen / Stamp 4 Visa) Happy to work in a hybrid model and be on-site for meetings as required Salary Starting salary is €81,000 with a leading benefits package More ❯

support internal audits with robust systems and policies. • Incident & Change Leadership: Manage incidents and changes efficiently, providing strategic oversight on high-priority issues. • Financial Stewardship: Plan and manage Opex / Capex budgets, track spend, and identify cost-saving opportunities. You ll also lead on: • Cybersecurity Operations: Partner with our vCISO to manage 24 7 monitoring, vulnerability management, and secure … or higher) in Computer Science, Information Systems, Engineering, or related field. • MBA or postgraduate qualification (desirable). • ITIL v4 Managing Professional or ITIL Expert (mandatory). • Certifications in ISO 27001, COBIT, Microsoft Azure, Lean Six Sigma, Prince2, or SAFe Agilist. Leadership & Communication • Gravitas to influence regulators and auditors. • Exceptional stakeholder management and communication skills. • Commercial acumen … proud to be the only carbon negative pet insurer in the UK. What we offer: • 25 days annual leave which increases with service, plus bank holidays • Opportunity to buy / sell up to 5 days annual leave per calendar year • Pension and Life Assurance scheme • Access to 25% off insuring your pet with Agria. Friends and family are also More ❯

support internal audits with robust systems and policies. • Incident & Change Leadership: Manage incidents and changes efficiently, providing strategic oversight on high-priority issues. • Financial Stewardship: Plan and manage Opex / Capex budgets, track spend, and identify cost-saving opportunities. You’ll also lead on: • Cybersecurity Operations: Partner with our vCISO to manage 24×7 monitoring, vulnerability management, and secure … or higher) in Computer Science, Information Systems, Engineering, or related field. • MBA or postgraduate qualification (desirable). • ITIL v4 Managing Professional or ITIL Expert (mandatory). • Certifications in ISO 27001, COBIT, Microsoft Azure, Lean Six Sigma, Prince2, or SAFe Agilist. Leadership & Communication • Gravitas to influence regulators and auditors. • Exceptional stakeholder management and communication skills. • Commercial acumen … proud to be the only carbon negative pet insurer in the UK. What we offer: • 25 days annual leave which increases with service, plus bank holidays • Opportunity to buy / sell up to 5 days annual leave per calendar year • Pension and Life Assurance scheme • Access to 25% off insuring your pet with Agria. Friends and family are also More ❯

cybersecurity or a related field. Knowledge of security frameworks and standards (e.g., ISO 27001, NIST). Experience with security tools and technologies (e.g., firewalls, IDS / IPS). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work independently and as part of a team. Experience with cloud and internet security. More ❯

security specialism is aligned. Engineering degree with minimum 5 years' experience in product security and CISSP, CISM or equivalent qualification Practical experience of risk management frameworks (NIST SP800-37, ISO27001) Practical experience of risk assessment processes (NIST SP800-30 and ISO 27005) Practical experience of applying security controls (NIST SP800-53 and ISO27002) Practical experience of Secure by … Design requirements (ISN 2023 / 09) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments Ability to interpret Penetration Test Reports and write Remediation Action Plans An appreciation of the wider UK Government Assurance Processes (such as JSP 440, DEFSTAN 05-139 or the CAF GovAssure processes). This is not an exhaustive list More ❯

related fields; experience in AI would be an additional advantage. Expertise in risk management tools and frameworks. Familiarity with regulatory compliance requirements (e.g., UK Corporate Reform, SOx, GDPR, ISO 27001) and industry best practices. Experience working with IT, compliance, and vendor management teams. A strong understanding of risk assessment methodologies and practices. Professional certifications such as … of a growing team, who embrace diversity and inclusion and who are market-oriented and ready to help our clients solve and control their biggest issues, risks and regulatory / compliance requirements. What we offer EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance More ❯

guiding clients through complex third-party audits. Key Responsibilities Cybersecurity Program Evaluation Lead cyber assurance engagements, assessing client cybersecurity programs for compliance with industry standards such as NIST, ISO 27001, and other relevant frameworks. Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements. Vulnerability Assessment and Penetration … management, and regulatory compliance audits. Proven track record of leading cyber assurance engagements and guiding clients through risk management and compliance processes based on industry frameworks (e.g., NIST, ISO 27001). Expertise in managing third-party audits and ensuring regulatory compliance across audit lifecycles. In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance … projects. Education & Certifications: Bachelor’s or master’s degree in information security, Computer Science, Engineering, or a related field. Relevant certifications such as CREST, OSCP, CISSP, CISM, CISA, ISO 27001 Lead Auditor, SANS, or other recognized credentials in cybersecurity, third-party risk management, and compliance auditing. Skills: Strong commercial acumen, with proven ability to generate new More ❯

8+ years of experience in Information Security or IT , with 3+ years in IT Audit or security control testing Familiar with security frameworks such as NIST 800-53, ISO 27001, CIS Controls, COBIT Hands-on experience using RSA Archer, ServiceNow , and familiarity with automation and data-driven testing Working knowledge of cloud environments ( AWS, Azure ) and … related security controls Relevant certifications: CISA, CISM, CISSP, ISO 27001 Lead Auditor (desirable) Excellent communication skills with the ability to translate technical findings into business risks Experience with Agile methodologies (Kanban, Jira) a plus Interested? Apply today with your CV and we'll be in touch to discuss the role in more detail and arrange next More ❯

standards and product specifications, especially regarding regulatory compliance and Cyber security. Ensure compliance with industry standards and regulatory requirements specific to fire alarm and life safety devices (EN54\UL864\ISO27001\CE). Implement best practices in coding, testing, and documentation. Develop and refine measurable software development processes to enhance efficiency and quality. Collaborate with R&D team section managers to … Degree level in Engineering, preferably with a Software focus. Experience Considerable proven experience managing development teams of 10-15 engineers within an electronic product segment, ideally regulatory controlled. Knowledge / Skills Management Proven experience leading and managing software development teams of various sizes, with a track record as an exceptional people manager. Ability to mentor, coach, motivate, and develop … design documents that comprehensively describe the product design and functionality. Certification Experience in designing products for a regulatory controlled market and ensuring compliance with those standards including ISO9001 and ISO27001 / NIST or other relevant security frameworks. This is an excellent opportunity to become part of the key engineering team within a developing business with its culture shaped by More ❯

Support Technician to provide outstanding support for their client of 900 users based in Woodstock, Oxfordshire and offices around the UK. This role is a mixture of 3rd Line / infrastructure support, system maintenance tasks & project work and requires the technician to be flexible, agile and resourceful. Good communication skills are essential as are an attention to detail, the … through to completion Technical Skills and Qualifications Essential Security Infrastructure (Firewalls etc) Windows Desktop environments, including the latest Windows Version Windows Server (Apply online only) Microsoft Exchange Server 2013 / 2016 / Office 365 Networking – LAN, VLAN’s, Wi-Fi, WAN, Firewalls Virtualisation – VMware / Hyper-V Understanding of Information Security best practices Understanding of ITIL best … deployment Cloud Hosting (AWS, Azure) Experience with DR and Backups Technologies, in particular ArcServe Cloud Antivirud & Managed Networks Cloud managed telephony Cloud migration experience Microsoft Intune Cyber Essentials Plus & ISO27001 More ❯

Documenting alignment of existing controls with compliance frameworks. Implementation Plans: Designing and deploying new security controls. Updated Security Documentation: Policies, procedures, and system security plans. Essential Qualifications & Experience BSc / MSc in IT Security or … a related field, or relevant industry experience. 5+ years of experience in security architecture, with at least 2 years in a similar role. Strong knowledge of NIST 800-53, ISO27001, PCI DSS, and COBIT. Experience with security frameworks (SABSA, TOGAF). Understanding of threat and risk analysis methodologies. Experience in cloud security (Azure, AWS, Google). Ability to work in … high-security HMG and MOD environments. Desirable Certifications CompTIA Security+, CISSP, CISM, CCSP, TOGAF, SABSA SCF. CESG Certified Cyber Professional (CCP) in Security Architecture or Risk Management. ISO27001 Lead Auditor. More ❯

the spirit of regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management More ❯

Job Description: Director of NetworksPermanentLondon / Staines / Manchester (Hybrid Working) We make health happen At Bupa, we’re here to help people live longer, healthier, happier lives – and make a better world. As a global healthcare leader with no shareholders, our focus is always on our customers and our people. That’s why we invest in innovation … zero-trust networking and platforms like Palo Alto Prisma.• Experience with Microsoft Azure and Google Cloud Platform networking.• Familiarity with compliance frameworks such as HIPAA, GDPR, NIST, and ISO 27001.• A data-driven mindset with a focus on user experience and operational excellence.• Experience working in a product-centric model, embedding DevSecOps and SRE principles.• Excellent leadership, communication … s why we especially encourage applications from people with diverse backgrounds and experiences. Bupa is a Level 2 Disability Confident Employer. This means we aim to offer an interview / assessment to every disabled applicant who meets the minimum criteria for the role. We’ll make sure you are treated fairly and offer reasonable adjustments as part of our More ❯

the spirit of regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management More ❯

the spirit of regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management More ❯

the spirit of regulatory frameworks. Key Areas of Responsibility: Regulatory Implementation & Frameworks Assist in establishing a comprehensive resilience framework that meets DORA standards and other recognised guidelines (e.g. ISO 22301, ISO 27001, NIST). Draft internal controls, policies, training content, and risk assessment methodologies. Contribute to core DORA workstreams such as ICT risk management More ❯

technology estates. You will have proven experience with Cyber Security best practice including remediations for the MITRE ATT&CK Framework and NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the UK Telecoms Security Act would be advantageous to your application. You More ❯

in hand with maintaining our inventory management system Provide in person support in our office in London and remote support as well for the remote employees in other countries / offices. Work with the Infrastructure Team in managing, supporting and improving our cloud posture Stay up-to-date with new technologies and services that could improve IT operations. Ability … to stabilize the lifecycle of our hardware equipment. Minimum Qualifications University level degree (at postgraduate level is a plus) in Computer Science, Information Technology or relevant field of study / experience Excellent oral and written communication skills Excellent presentation skills Minimum Experience A solid background in IT and have worked at least 5 years in an IT-related area. … being able to explain / present upwards to Senior Management Ability to adopt a security-first posture supporting the broader IT team in delivering systems and processes to ISO27001 and WLA standards. Networking skills in order to troubleshoot network connectivity issues. (Tools such as Palo Alto / Cisco Meraki advantageous ) Familiarity with cloud environments like AWS Familiarity with More ❯

ensuring compliance with security standards, managing incidents, and collaborating with internal and external stakeholders. Key Responsibilities: Lead and manage the Cyber Security Operations team. Ensure compliance with security standards (ISO27001, NCSC CAF). Manage security incidents and vulnerabilities. Collaborate with third-party suppliers and internal teams. Provide expert advice on security technologies and processes. Requirements: Proven team leadership experience.Strong knowledge … of security technologies (firewalls, IDS / IPS, SIEM).Relevant qualifications (CISSP, CISM, etc.). Apply now to make a significant impact on NHS BSA's cyber security strategy! What do we offer?o 27 days leave (increasing with length of service) plus 8 bank holidayso Flexible working (we are happy to discuss options such as compressed hours)o Hybrid … people connected to care. Job description Job responsibilities In this role, you are accountable for 1. As the Security operations team lead you will support the Infrastructure Services Manager / Head of Cyber Security & infrastructure Services ensuring NHSBSA systems security is managed and appropriate access control and monitoring on all systems is maintained. 2. To work with NHSBSA staff More ❯